Security Basics mailing list archives
RE: Definitions
From: "easternerd" <easternerd () gmx net>
Date: Mon, 20 Sep 2004 23:35:33 +0530
Hi, When we talk about Universal Enforcement in the field of security, Solutions like NAP by Microsoft and NAC by Cisco systems come to mind, They are end to end solutions within the intranet (incl connections to the intranet). These systems check the security of the machines and instantly shuts down the ports of the machine not confirming to the security policy implemented sitewide. When a connection is made from the internet to the internal site, They Enforcement Software such as NAP and NAC check for machines compliance and only let them in if they confirm, otherwise they are channelled into a que where they are given an option to rectify their machines with the current policy in place and update accordingly, otherwise they are disconnected from the network instantly. These are just a couple of implementations that Big time solution providers are coming up with, and this in my view is exactly what Universal Enforcement means in one way or the other to get it secured. Related Links : http://itpapers.news.com/abstract.aspx?docid=78519&promo=300111&tag=wpr.1011 ,1725,1728,1729,1730 http://itpapers.news.com/abstract.aspx?docid=96271&promo=300111&tag=wpr.1011 ,1725,1728,1729,1730 http://itpapers.news.com/abstract.aspx?docid=94821&promo=300111&tag=wpr.1011 ,1725,1728,1729,1730 Email Correspondence : easternerd () gmx net easternerd () eml cc Website : http://www.cryptography.tk http://www.securityrisk.org -----Original Message----- From: Dan Denton [mailto:ddenton () PAYLESSOFFICE com] Sent: Thursday, September 16, 2004 10:34 PM To: Mark Teicher; security-basics () securityfocus com Subject: RE: Definitions Automated Patch Management usually refers to a product such as Microsoft SUS or SMS, for which you choose the patches to be deployed and they are distributed automatically (with some client configuration). I would assume Universal Enforcement means implementing some kind of security policy (firewall, proxy, AV, etc...) in a domain/organization wide manner. -----Original Message----- From: Mark Teicher [mailto:mht3 () earthlink net] Sent: Monday, September 13, 2004 8:24 PM To: security-basics () securityfocus com Subject: Definitions Since I am fairly new to some of the new definition in Security. I figure this would be the place to ask. What does automated patch management mean or universal enforcement mean? thanks /mht ------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Definitions Dan Denton (Sep 18)
- RE: Definitions easternerd (Sep 23)
- <Possible follow-ups>
- RE: Definitions Britton, Jeff B. (Sep 18)
- Message not available
- RE: Definitions Mark Teicher (Sep 20)
- Message not available